What Is Cyber Security?

Best Practice Today Requires Integrated Cyber Defense.

To understand cyber security, you first have to understand how deeply ‘cyber’ is woven into our business and personal lives. In this Cloud Generation, identities and personas spread across services and platforms, and information flows freely across various devices, some company owned, most not. Easy online document sharing, email available on every device, databases accessible from anywhere, phones you talk to not through—we take all this for granted.

Yes, cyber security works to protect computers, smart devices, and networks from digital dangers. But the larger point is cyber security protects sensitive data, apps, systems, devices, enterprises, power grids and other critical infrastructure—the beating heart and lifeblood of our connected world.

Cyber security defends this connected world with highly trained experts and constantly enhanced or newly invented technologies, practices, and processes that identify and stop unauthorized or unintended access or leakage, denial-of-service attacks, social engineering traps, and destructive malware. Hackers and cyber criminals stalk the internet with bots, go phishing, and spread malware; they hope to access, alter, or delete sensitive information, or extort money, or mess with your business simply because they can. Cyber security vendors provide products (both software and hardware) and services (both human and algorithmic) that prevent, detect, and respond to these and many other cyber threats and cyber attacks.

Data has moved out from controlled, protected environments to ... everywhere. How do you know what data is important, where it’s located, and how to defend it?

Meeting a challenge as baked in as ‘cyber’ itself

How big is the problem? The 2019 Ninth Annual Cost of Cyber Crime Study (by Accenture and the Ponemon Institute) notes the average annual cost of cyber crime, per company, increased 29 percent in 2018 to US$27.4 million; globally, the average annual cost per company was US$13.0 million. The study estimates over the next five years that the total value at risk from cyber crime—globally across industries—is US$5.2 trillion.

That’s just the economic costs. The reputational costs could be worse. Add in the trauma of disrupted or derailed lives from breaches, lost files, identity theft. And just try to imagine the physical impact—inoperable power grids, scrambled medical data—of full-scale cyber war waged by powerful nation-states or state-sponsored bad actors.

Meeting this growing challenge requires resources. Gartner reports that worldwide spending on cyber security products and services was $101.4 billion in 2017. The firm estimates the market grew to more than $114 billion in 2018 and expects it to increase to $124 billion in 2019. Yet even with all this spending, 53 percent of US organizations report they’re constrained by a ‘problematic’ cyber security staff/skills shortage, according to the ESG Research Report, 2019 Technology Spending Intentions Survey.

Cyber security requires Integrated Cyber Defense

In today’s world of increasingly sophisticated cyber criminals and easily accessible hacking tools, cobbled-together collections of isolated point products, no matter how good they are, can’t protect your organization—cyber criminals just have too many ways in. You have to extend cyber security to the ever-expanding mix of devices, connections, networks, and hosted apps that power your business using an integrated approach that ensures your technologies, services, and threat intelligence work as one.

You need an integrated security framework—at Symantec, we call this our Integrated Cyber Defense Platform—woven from technologies and platform foundations that spread across every control point.

Technologies
  • Information protection
  • Threat protection
  • Identity management
  • Compliance enforcement
Platform foundations
  • Massive, shared threat intelligence
  • Artificial intelligence (AI) and machine learning
  • Automation
Control points
  • Endpoints
  • Networks
  • Applications
  • Clouds

Integrated Cyber Defense—technologies

A modern cyber security framework weaves together these technology categories.

Information protection: Ensure your sensitive information and IT assets are protected and in compliance at all times, wherever they are stored—and only authenticated users may access them. Technologies: Encryption, data loss prevention, multifactor authentication, tagging, and analytics.

Threat protection: Gain a complete view into malicious activities across control points so you contain, investigate, and remediate all instances of a threat. Technologies: Multiple threat prevention, detection, and response layers, and forensic technologies.

Identity management: Reduce the risk of breaches and unauthorized access. Technologies: Cloud-based authentication services with multifactor authentication to cloud apps, the network, and virtual private networks.

Compliance enforcement: Inventory IT assets, evaluate vulnerabilities, govern information access, and automate compliance reporting for such regulatory and best practice frameworks as GDPR, HIPAA, NIST, PCI, and SWIFT. Technologies: A suite of governance, risk management, and compliance tools.

Integrated Cyber Defense—platform foundations

A modern cyber security framework is powered by these platform foundations.

Threat intelligence: Discover and block targeted attacks and cyber crime that would otherwise go undetected. Platform foundation: Threat intelligence that applies deep security research, expert analysis, and AI to monitor and synthesize captured telemetry.

AI and machine learning: Identify potential threats and speed incident response and remediation. Platform foundation: AI and machine learning that analyzes massive amounts of control point data and sifts through entire telemetry sets.

APIs: Simplify security platform integrations and enhance protection, investigation, and remediation across endpoints, networks, email, cloud applications—and third-party products.

Shared provider dashboard: Reduce incident response times from days to minutes. Platform foundation: Shared provider dashboard gives you unified visibility into threats, policies, and incidents.

Automation: Simplify investigation, accelerate incident response, and minimize attack damage. Platform foundation: Automation replaces manual processes and lowers security operations costs.

Integrated Cyber Defense—control points

A modern cyber security framework protects across all control points.

Endpoint security: Protect enterprise and mobile workforces regardless of operating system, device, or network security with a single agent architecture delivering multilayered security across all possible endpoints: desktop, server, mobile, and IoT.

Web and network security: Defend against advanced threats, protect critical business information, and ensure secure, compliant use of the cloud and web with cloud and on-premises network security solutions based on an advanced proxy architecture.

Email security: Identify targeted attacks, guard against user error (enabling ransomware, spear phishing, and business email compromise), and stop data leakage with advanced analytics and multiple layers of protection, including threat isolation.

Cloud app security: Secure cloud access, infrastructure, and applications, and safeguard users, information, and workloads across public and private clouds, with in-depth visibility, data security, and threat protection.


The new cyber security standard: Zero Trust

Integrated cyber defense is the best, and perhaps only, way to achieve Zero Trust, a conceptual and architectural model, first promoted by Forrester Research, now gaining acceptance among cyber security professionals.

Traditionally, enterprises focused their cyber security efforts and resources on a perimeter defense: External traffic that made it past the cyber security firewall or gateway was ‘clean,’ and traffic exiting the perimeter was nobody’s business. The reality, however, is that cyber threats are everywhere—both inside your enterprise and beyond—and data loss is a huge problem.

Enterprises have to do more than try to protect their disappearing perimeter. Traditional corporate security measures, while necessary, are no longer sufficient; most threats aim to bypass or avoid traditional firewalls, endpoint protection, and data loss prevention technologies.

Instead, organizations need to apply protection to data itself, and put controls in place across all points of access to data, including mobile devices, cloud workloads, and corporate networks. Nobody gets a free pass. Trust No One. That’s Zero Trust.

